Sure we CAN read your texts; but we DON'T. Not yet.

Facebook's Android app does take permission to read and write SMS messages, but doesn't use those functions currently except for a very limited trail of new functions that use SMS to transport billing, confirmation and other messages to Facebook, not to intercept text messages to or from users, Mackenzie wrote.

Facebook may eventually use SMS functions more widely. If it does, Mackenzie wrote, it will notify end users that it is doing so, just as it notified them that the current version of the app has permission to access text messages, even though it doesn't.

In a survey that ran with the Times story, 70 percent of Android users said they were not aware of the extent of the rights apps acquire to their text messages.

Weak excuses for demanding the right to snoop

It is entirely believable that the Times story misinterpreted the subtle difference between Facebook giving itself permission to read and write text messages and its current statement that it does not actually read the messages.

Saying Facebook can covertly monitor the content and targets of user text messages but chooses not to do so is not only a weak explanation, it's one that exacerbates the sense of end users that Facebook has abused its potential to invade their privacy in the past and will continue to do so whenever possible in the future.

Refusing to allow users to delete data, appearing to allow the deletion but secretly retaining the private data, connecting pictures and other content to the accounts of particular users without their permission are just a few of the clever, intrusive ways Facebook has abused the trust and data of users in the past.

It has done nothing to reassure anyone that a company whose business model is built on exploiting the private data of users has now become conscientious about privacy.

Having a vendor like invasion-of-privacy trendsetter Facebook demand the right to read and write text messages one or two version releases before it's ready to do anything with that permission does nothing to make anyone more confident in Facebook's restraint.

Google's admission last week that it had bypassed privacy functions in Safari and other browsers just reinforces the perception that online services whose revenue comes mainly from advertising will covertly monitor the activity of customers whenever they think they can get away with it.

Without more information from the Times about what information its reporters got from Facebook, what information it had to reinforce or contradict that information and how it reached its conclusions, there's no certain way to say whether or how badly the Times mangled the truth about how Android apps use their SMS access.

It does nothing to make the Times story less disturbing, however, that most of Facebook's objections could be dealt with simply by changing a few references from reading "is spying" to "could be spying" on the text messages of customers.

Especially in tech companies filled with people curious about what their customers are doing, eager to see if cool new search or networking tools work or network managers eager to estimate the speed and volume of Android text networks, the difference between "are" monitoring and "could be" monitoring is a lot narrower than anyone at Facebook appears willing to admit.

According to Mackenzie, Facebook's confirmation consisted of the following:

Facebook explainer sent to Sunday Times, acc to Iain Mackenzie:

Facebook is currently running a limited test of mobile features which integrate with SMS functionality.

SMS read/write is not currently implemented for most users of the mobile app.

As part of this test, we declared the presence of that functionality within our app store permissions starting with the 1.7 version of our application.

If Facebook ultimately launches any feature that makes use of these permissions, we will ensure that this is accompanied by appropriate guidance/educational materials.

Resulting writeup in the paper:

"Companies are using smartphone apps to extract vast quantities of private information about users’ lives, in some cases reading their text messages and intercepting calls.

"Among those that admitted reading text messages this weekend was the internet giant Facebook, which said it was accessing the information as part of a trial to launch its own messaging service.

read contact data: Allows an application to read all of the contact (address) data stored on your device. Malicious applications can use this to send your data to other people.

Write contact data: Allows an application to modify the contact (address) data stored on your device. Malicious applications can use this to erase or modify your contact data.

Phone calls: Allows the application to access the phone features of the device. An application with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to and the like.